Exporting contents of the Event Log module
The export contains the contents of the Event Log module.
You can filter the entries of the Event log before export using the following criteria:
- Start and end time
- A specified time period (in days)
- Component ID
Additionally, you can define:
- The maximum number of lines to be exported
-
If raw data should be exported as well
If enabled, raw data will be added to the resulting CSV file in a separate column named Data. The values in this column are tab-separated by default. To avoid formatting issues, we recommend using a CSV delimiter other than a tab when exporting.
Settings for the ExportModule
In addition to the keys described in the Parameter file section, the parameter file can also contain the following keys specifically for this export.
Section Common
In the [Common] section, the following keys can be configured:
| Key | Description | Possible Values |
|---|---|---|
| IncludeRawData | The Export API is available to tenant-level users with the right permissions. It uses secure, token-based authentication and is built for flexible, high-performance data extraction, even when the data is large or complex. | 0: No raw data is exported (default value). 1: Raw data is exported as well. |
Section Filter
In the [Filter] section, the following keys can be configured:
| Key | Description |
|---|---|
| FilterFrom | Start of the time period according to which entries are to be filtered (as a timestamp in UTC format). The date is included in the filter. To output only the differences to the last export, you can enter the value LastExecution here. The timestamp of the last executed export is entered under this key in the [Result] section. |
| FilterTo | End of the time period according to which entries are to be filtered (as a timestamp in UTC format). The date is not included in the filter. |
| LastXDays | Period in days for which entries are to be exported. |
| MaxLines | Maximum number of lines to be exported. Default value is 100,000. This means that if the complete list consists of more than 100,000 entries and nothing is entered here, not all entries are exported, but only 100,000. |
| ComponentId | Component ID by which the entries are to be filtered. |
Example call
Parameter file Eventlog.ini
[Common]
ReportType=Eventlog
ExportFile=D:\Test\Eventlog.csv
[Filter]
FilterFrom=`<2021-04-17T08:12Z>`
FilterTo=`<2021-04-21T18:00Z>`
[User]
Account={User}
Password={Password}
Output file
The export can be generated in either CSV or JSON format, depending on your selected output option.
The CSV output file contains the following columns.
| Column | Description |
|---|---|
| Timestamp | Date of change |
| Type_ID | ID of event type |
| Type | Event type. Possible values: Successful, Error, Information, Warning |
| Source | Data source, server that reported the event |
| Category_ID | ID of the event category |
| Category | Category of the event |
| Event | Event |
| Computer name | Name of the computer on which the event took place |
| Message | Text of the message |
| Data | A Show details button with which the raw data can be displayed The column is only displayed if the IncludeRawData entry is set to 1. |
Related topics